HIPAA Outpatient Practice Policies and Procedures Toolkit


In the early 2000’s, we quickly realized that our contracting clients would be at financial risk if they had HIPAA violations resulting in penalties and fines.  So we created a HIPAA Policies & Procedures Manual for physician practices.  We completely revised it in 2013 when the new HITECH regulations became the HIPAA standard that exists today.  We monitor HHS and the Office for Civil Rights websites for any significant changes, so you don’t have to.  More than 20 HIPAA privacy and HIPAA security tools and patient communication templates are included.

Equally important, our HIPAA Online Staff Training has enjoyed huge success with over 15,000 trainings to date.  It aligns with our HIPAA Manual, is entertaining, informative and meets the obligations of HIPAA by documenting training completion by every workforce member.  Practice Administrators appreciate the efficient time savings of the online format and employees appreciate the convenience.  HIPAA training can be easily set up for an entire staff to coordinate with the implementation of a new HIPAA Policies & Procedures Manual.  Going forward, HIPAA training can become part of a compliant on-boarding process for all new staff joining a practice.

Among the privacy and security topics included:

  • Privacy officer job description
  • Protected Health Information (PHI) policy
  • Security Rules and Risk Management
  • Emailing/faxing PHI
  • Breach Notification Requirements
  • Business Associates subcontractor agreement form
  • Workforce Training Policies
  • Open Door Policy
  • Non-retaliation Policy
  • Security Risk Assessment tool
  • Emergency Preparedness Plan


After your Practice's HIPAA Outpatient Practice Policies and Procedures manual has been created, ask your legal counsel to review it. Government compliance regulations change over time and regulations may differ from state to state. A legal review is critical before production and distribution.

This manual template is current as of 2019. Changes in laws, rules, and regulations may require periodic updates to this manual. In addition, changes to your Practice might warrant updates to your HIPAA policies and procedures and staff training. An example: if your Practice implements an entirely new computer system or EMR system, this would necessitate that all workforce members receive new HIPAA training. 


Thank you for for considering the HIPAA Outpatient Practice Policies and Procedures Toolkit. We are certain you will find the manual an invaluable tool in building your practice's compliance program.

We are available to help you with any compliance questions or concerns you may have to facilitate your implementation of your compliance program. If you have any questions, please contact me at 303-586-9390.

We look forward to hearing from you, and hope that you tell other practice administrators and physicians about this product if it exceeds your expectations.

Marcia L. Brauchler

Customize Toolkit

The HIPAA Outpatient Practice Policies and Procedures Toolkit is customized to your particular practice. Once your purchase is complete, you will recieve an email with your documents.

Please ensure that you review your entered information carefully, as you will not be able to modify it in your generated documents.

I acknowledge that additional customization and legal review is necessary to ensure a HIPAA-compliant manual.

I acknowledge that state law regarding HIPAA laws is outside the scope of the manual.

I understand and accept the terms and conditions of the copyright.